diff --git a/hosts/pi4/security/default.nix b/hosts/pi4/security/default.nix
index 4583115..63e7212 100644
--- a/hosts/pi4/security/default.nix
+++ b/hosts/pi4/security/default.nix
@@ -1,7 +1,22 @@
+{ systemConfig, ... }:
+
 {
   imports = [
     ./firewall.nix
   ];
 
+  security.sudo.extraRules = [
+    {
+      users = [ systemConfig.username ];
+      runAs = "ALL:ALL";
+      commands = [
+        {
+          command = "ALL";
+          options = [ "NOPASSWD" ];
+        }
+      ];
+    }
+  ];
+
   services.pcscd.enable = true;
 }